← 返回 Skills 市场
254
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install sjht-ssh-ops
功能描述
SSH 密钥管理和远程服务器运维工具。 用于生成 SSH 密钥、部署公钥到远程主机实现免密登录、测试连接、查看远程主机信息、 以及远程执行运维命令。Use when 用户需要连接远程服务器、配置 SSH 免密登录、 管理服务器、部署应用、或在远程主机上执行命令。触发短语包括: "SSH登录"、"免密登录"、"服务...
安全使用建议
This skill appears to do what it claims: generate SSH keys, deploy public keys, test logins, and run remote commands. Before installing or running it, review and consider the following:
- Inspect the script yourself (scripts/ssh-key-setup.sh) to confirm you're comfortable with its behavior. It will write keys to ~/.ssh and may overwrite or add files there.
- The script will try to install sshpass via apt-get or yum automatically if missing. That changes system packages and likely requires root; prefer to install sshpass yourself or run the script with awareness of this side effect.
- Deployment uses an SSHPASS environment variable for the target host password. Do not store that password in chat logs or persistent files; pass it only in a secure, ephemeral way and unset it afterwards. Recognize this transmits plaintext credentials to sshpass for password-based login during deployment.
- The script calls ssh-copy-id with StrictHostKeyChecking=no, which accepts unknown host keys and bypasses interactive host-key verification — consider verifying host keys manually to avoid connecting to an unexpected host.
- Because the skill runs shell commands, only use it with hosts you trust. If you need stronger guarantees, run the script locally (not via an agent) and ensure your environment has appropriate backups for existing SSH keys.
If you want higher assurance, ask the maintainer to (1) declare SSHPASS as an optional env var in metadata, (2) avoid auto-installing packages without user confirmation, and (3) document required privileges for package installation.
功能分析
Type: OpenClaw Skill
Name: sjht-ssh-ops
Version: 1.0.1
The skill provides powerful SSH key management and remote command execution capabilities, which are inherently high-risk. The script `scripts/ssh-key-setup.sh` lacks input sanitization for the `host` and `user` parameters, making it vulnerable to local shell injection if the AI agent provides malformed input. Additionally, the script automatically installs the `sshpass` utility and disables SSH host key verification (`StrictHostKeyChecking=no`), which are risky practices even if aligned with the tool's stated purpose of server administration.
能力评估
Purpose & Capability
Name/description align with the included SKILL.md and the bash script. The script provides key generation, public-key deployment (ssh-copy-id via sshpass), connection testing, host info, and listing — all expected for an SSH ops utility.
Instruction Scope
SKILL.md and the script explicitly instruct the agent/user to run the included shell script and to perform arbitrary remote commands over SSH (expected). The script uses ssh-copy-id with StrictHostKeyChecking=no (accepts unknown host keys) and will attempt to install system package sshpass automatically; both are operational choices that reduce manual friction but weaken host-key verification and modify the system.
Install Mechanism
There is no skill-level install spec (instruction-only), but the runtime script will attempt to install the sshpass package via apt-get or yum if missing. This modifies the host system, requires package manager access (and likely root), and is a side-effect the user should consent to and review.
Credentials
The skill metadata declares no required env vars, but SKILL.md and the script rely on an SSHPASS environment variable when deploying keys. SSHPASS carries a plaintext password for remote hosts — it's appropriate for the deploy feature but should have been declared as an optional env requirement and documented with cautions. Also the script reads/writes ~/.ssh (expected) and writes a private key file locally.
Persistence & Privilege
The skill does not request persistent/always-on privileges and is user-invocable. However, at runtime it writes to ~/.ssh (creates keys) and can modify system packages (install sshpass). These are normal for this utility but are side effects that require user permission.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install sjht-ssh-ops - 安装完成后,直接呼叫该 Skill 的名称或使用
/sjht-ssh-ops触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
sjht-ssh-ops 1.0.1
- No file changes detected in this release.
- No updates to features, documentation, or functionality since the previous version.
v1.0.0
ssh-ops 1.0.0 发布 — SSH 密钥及远程运维工具
- 支持本地生成 SSH 密钥,自动检查是否已存在。
- 一键部署公钥到远程服务器,实现 SSH 免密登录。
- 集成连接测试和远程服务器基本信息查看功能。
- 提供 SSH 远程命令执行、文件传输与目录同步操作范例。
- 明确安全操作建议,包括敏感信息处理与密钥权限说明。
元数据
常见问题
sjht-ssh-ops 是什么?
SSH 密钥管理和远程服务器运维工具。 用于生成 SSH 密钥、部署公钥到远程主机实现免密登录、测试连接、查看远程主机信息、 以及远程执行运维命令。Use when 用户需要连接远程服务器、配置 SSH 免密登录、 管理服务器、部署应用、或在远程主机上执行命令。触发短语包括: "SSH登录"、"免密登录"、"服务... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 254 次。
如何安装 sjht-ssh-ops?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install sjht-ssh-ops」即可一键安装,无需额外配置。
sjht-ssh-ops 是免费的吗?
是的,sjht-ssh-ops 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
sjht-ssh-ops 支持哪些平台?
sjht-ssh-ops 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 sjht-ssh-ops?
由 Aowind(@aowind)开发并维护,当前版本 v1.0.1。
推荐 Skills